28 Apr Introducing the Core Infrastructure Initiative
It’s only just faded out of the news, but the consequences of the Heartbleed bug continue.
The Core Infrastructure Initiative has begun: a group of tech giants have joined forces to fund critical open source projects as a consequence of the Heartbleed bug.
The issue stems from the assumption of many that because something is open-source, that it has therefore been tested by peers and others to the Nth degree. That is not, as Heartbleed proved, always the case.
The Core Infrastructure Initiative is a multi-million dollar project organised by The Linux Foundation designed to fund open source projects important to core computing and Internet functions.
According to Muktware,“The Core Infrastructure group will work with an advisory board of esteemed open source developers to identify and fund open source projects in need. Support from the initiative can include funding for fellowships for key developers to work full time on the open source project, security audits, computing and test infrastructure, travel, face-to-face meeting coordination and other support.”
The consensus appears to be, that with so much money and infrastructure weighing on these open-source projects, preventable risks such as Heartbleed are unacceptable. Investment and funding may be required in order to provide the man-power and time required to bullet-proof relevant security protocols.
Chris DiBona, Director of Engineering for Open Source at Google, stated, “Google has been a longtime supporter of the Linux Foundation and open source in general, so we’re proud to join the Core Infrastructure Initiative. We believe that an open-source approach to online security will ensure that code is constantly improving, making the web a safer place for us all.”
“Open source software makes today’s computing infrastructure possible. Facebook is excited to support these projects and the developers who maintain them. This initiative will help ensure that these core components of internet infrastructure get the assistance they need to respond to new threats and to reach new levels of scale,” said Doug Beaver at Facebook.
The Core Infrastructure Initiative has thus far raised $3 million.